<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: paypal_checkout.php 186 2013-09-22 07:56:53Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 186 $
* 	zuletzt geaendert von:	$Author: siekiera $
* 	Datum:					$Date: 2013-09-22 07:56:53 +0000 (Sun, 22 Sep 2013) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	ab 15.08.2008 Teile vom Hamburger-Internetdienst geändert
* 	Hamburger-Internetdienst Support Forums at www.forum.hamburger-internetdienst.de
* 	Stand 27.03.2010
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */

include('includes/application_top.php');

// PayPal Express confirmation page: bootstrap the template engine, load the
// helpers used further down (address labels, stock/tax checks, attribute
// models, free-shipping rules) and clear any temporary order id left over
// from a previous run through this page.
$smarty = new Smarty();
require(DIR_FS_CATALOG.'templates/'.CURRENT_TEMPLATE.'/source/boxes.php');

require_once(DIR_FS_INC.'inc.address_label.php');
require_once(DIR_FS_INC.'inc.get_address_format_id.php');
require_once(DIR_FS_INC.'inc.count_shipping_modules.php');
require_once(DIR_FS_INC.'inc.check_stock.php');
require_once(DIR_FS_INC.'inc.calculate_tax.php');
require_once(DIR_FS_INC.'inc.check_stock.php'); // duplicate of the require_once above; harmless
require_once(DIR_FS_INC.'inc.display_tax_value.php');
require_once(DIR_FS_INC.'inc.get_attributes_model.php');
require_once(DIR_FS_INC.'inc.get_prid.php');
require(DIR_FS_INC.'inc.free_shipping.php');

require(DIR_WS_CLASSES.'http_client.php');
// tmp_oID is the temporary order id some payment modules keep in the session.
unset($_SESSION['tmp_oID']);

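// Map the optional error_message query parameter to checkout_payment messages.
// The value only selects between fixed language constants, so it cannot inject
// anything; it is read through isset() so a request without the parameter does
// not raise a notice. "12" means both the conditions and the address were refused.
// str_replace('\n', ...) strips a literal backslash-n (single-quoted), presumably
// the line-break marker used inside the language constants.
$error_code = isset($_GET['error_message']) ? (string)$_GET['error_message'] : '';
switch($error_code) {
	case "1":
		$message = str_replace('\n', '', ERROR_CONDITIONS_NOT_ACCEPTED);
		$message_stack->add('checkout_payment', $message);
		break;

	case "2":
		$message = str_replace('\n', '', ERROR_ADDRESS_NOT_ACCEPTED);
		$message_stack->add('checkout_payment', $message);
		break;

	case "12":
		$message = str_replace('\n', '', ERROR_CONDITIONS_NOT_ACCEPTED);
		$message_stack->add('checkout_payment', $message);
		$message = str_replace('\n', '', ERROR_ADDRESS_NOT_ACCEPTED);
		$message_stack->add('checkout_payment', $message);
		break;
}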

// Without the token PayPal handed back earlier in the Express flow there is
// nothing to confirm: drop every PayPal-related session key and return to the cart.
$paypal_token = isset($_SESSION['reshash']['TOKEN']) ? $_SESSION['reshash']['TOKEN'] : null;
if(empty($paypal_token)) {
	foreach(array('payment', 'nvpReqArray', 'reshash', 'sendto') as $stale_key)
		unset($_SESSION[$stale_key]);
	redirect(href_link(FILENAME_SHOPPING_CART));
}

// Copy the payer details PayPal returned into the session / customer record.
$o_paypal->paypal_get_customer_data();

// A shopper must be logged in (or, if the shop allows it, have a guest account).
if(!isset($_SESSION['customer_id'])) {
	$login_page = (ACCOUNT_OPTIONS == 'guest') ? FILENAME_CREATE_GUEST_ACCOUNT : FILENAME_LOGIN;
	redirect(href_link($login_page, '', 'SSL'));
}

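// Default to PayPal Express; the shopper may override it via the payment radio buttons.
$_SESSION['payment'] = 'paypalexpress';

if(isset($_POST['act_shipping']))
	$_SESSION['act_shipping'] = 'true';

if(isset($_POST['act_payment']))
	$_SESSION['act_payment'] = 'true';

// The posted payment module name is later used as a variable-variable
// ($$_SESSION['payment']) and spliced into an include() path (the module's
// language file), so only a plain identifier is accepted here. Anything else
// keeps the PayPal default.
if(isset($_POST['payment']) && is_string($_POST['payment']) && preg_match('/^[A-Za-z0-9_]+$/', $_POST['payment']))
	$_SESSION['payment'] = $_POST['payment'];

// Order comments are kept verbatim in the session; the textarea helper that
// re-displays them is expected to HTML-escape — confirm in draw_textarea_field().
if(isset($_POST['comments_added']) && $_POST['comments_added'] != '')
	$_SESSION['comments'] = isset($_POST['comments']) ? $_POST['comments'] : null;

if(isset($_POST['cot_gv']))
	$_SESSION['cot_gv'] = true;

// Nothing to pay for.
if($_SESSION['cart']->count_contents() < 1)
	redirect(href_link(FILENAME_SHOPPING_CART));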

// Both halves of the Express handshake must be present: the token we requested
// and the PAYERID PayPal answered with. Otherwise reset and go back to the cart.
$have_request_token = !empty($_SESSION['nvpReqArray']['TOKEN']);
$have_payer_id = !empty($_SESSION['reshash']['PAYERID']);
if(!$have_request_token || !$have_payer_id) {
	foreach(array('payment', 'nvpReqArray', 'reshash', 'sendto') as $stale_key)
		unset($_SESSION[$stale_key]);
	redirect(href_link(FILENAME_SHOPPING_CART));
}

// A fresh confirmation never starts with a "credit covers the order" flag.
unset($_SESSION['credit_covers']);

// When stock is enforced and checkout with insufficient stock is not allowed,
// any line item flagged by check_stock() sends the shopper back to the cart.
if((STOCK_CHECK == 'true') && (STOCK_ALLOW_CHECKOUT != 'true')) {
	$products = $_SESSION['cart']->get_products();
	$short_stock = false;
	for($i = 0, $product_count = sizeof($products); $i < $product_count; $i++) {
		if(check_stock($products[$i]['id'], $products[$i]['quantity']))
			$short_stock = true;
	}
	if($short_stock)
		redirect(href_link(FILENAME_SHOPPING_CART));
}

// Make sure the shipping (sendto) and billing (billto) address ids in the session
// belong to the logged-in customer (the id alone is not proof of ownership).
// A missing id falls back to the default address; an id that is not in this
// customer's address book is replaced by the default and the dependent choice
// (shipping method for sendto, payment for billto) is cleared so it is recomputed.
$address_slots = array('sendto' => 'shipping', 'billto' => 'payment');
foreach($address_slots as $slot => $dependent_key) {
	if(!isset($_SESSION[$slot])) {
		$_SESSION[$slot] = $_SESSION['customer_default_address_id'];
		continue;
	}
	$check_address = $db->db_query("SELECT 
										COUNT(*) AS total 
									FROM 
										".TABLE_ADDRESS_BOOK." 
									WHERE 
										customers_id = '".(int)$_SESSION['customer_id']."' 
									AND 
										address_book_id = '".(int)$_SESSION[$slot]."'");
	if($check_address->fields['total'] != '1') {
		$_SESSION[$slot] = $_SESSION['customer_default_address_id'];
		unset($_SESSION[$dependent_key]);
	}
}

// Build the order from the session and remember the delivery country for
// zone-based pricing. kein_versand ("no shipping") is set for carts that need
// no physical delivery.
require(DIR_WS_CLASSES.'class.order.php');
$order = new order();
$delivery_iso = $order->delivery['country']['iso_code_2'];
if($delivery_iso != '')
	$_SESSION['delivery_zone'] = $delivery_iso;

$is_virtual_order = ($order->content_type == 'virtual') || ($order->content_type == 'virtual_weight');
$kein_versand = ($is_virtual_order || $_SESSION['cart']->count_contents_virtual() == 0) ? 1 : 0;

$total_weight = $_SESSION['cart']->show_weight();
$total_count = $_SESSION['cart']->count_contents();

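// Decide whether the free-shipping order-total module applies to this order.
// $pass is initialised up front: for 'national'/'international' the original
// only assigned it when the country matched, leaving it undefined otherwise.
require(DIR_WS_CLASSES.'class.shipping.php');
$shipping_modules = new shipping();
$free_shipping = false;
if(defined('MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING') && (MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING == 'true')) {
	$pass = false;
	switch(MODULE_ORDER_TOTAL_SHIPPING_DESTINATION) {
		case 'national':
			$pass = ($order->delivery['country_id'] == STORE_COUNTRY);
			break;

		case 'international':
			$pass = ($order->delivery['country_id'] != STORE_COUNTRY);
			break;

		case 'both':
			$pass = true;
			break;

		default:
			$pass = false;
			break;
	}
	// The threshold is compared against the order total without shipping.
	$goods_total = $order->info['total'] - $order->info['shipping_cost'];
	if($pass && ($goods_total >= $price->format(MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER, false, 0, true))) {
		$free_shipping = true;
		// $_SESSION['language'] is assumed to be validated by application_top — confirm.
		include(DIR_WS_LANGUAGES.$_SESSION['language'].'/modules/order_total/ot_shipping.php');
	}
}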

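// Handle the shipping-method form post. The posted value is "<module>_<method>";
// <module> is dereferenced as a variable-variable ($$module) and handed to
// quote(), so the value is restricted to identifier characters before use.
// NOTE(review): a stricter check would also require the module to be one of
// $shipping_modules->modules — confirm that array's format before adding it.
if(isset($_POST['action']) && ($_POST['action'] == 'process')) {
	if((count_shipping_modules() > 0) || ($free_shipping == true)) {
		$posted_shipping = (isset($_POST['shipping']) && is_string($_POST['shipping'])) ? $_POST['shipping'] : '';
		if(preg_match('/^[A-Za-z0-9]+_[A-Za-z0-9_.-]+$/', $posted_shipping)) {
			$_SESSION['shipping'] = $posted_shipping;
			// Only the first two parts are used; extra underscores are ignored.
			list($module, $method) = explode('_', $posted_shipping);
			$is_free_choice = ($posted_shipping == 'free_free');
			if($is_free_choice || is_object($$module)) {
				if($is_free_choice) {
					$quote = array();
					$quote[0]['methods'][0]['title'] = FREE_SHIPPING_TITLE;
					$quote[0]['methods'][0]['cost'] = '0';
				} else {
					$quote = $shipping_modules->quote($method, $module);
				}
				if(isset($quote['error'])) {
					unset($_SESSION['shipping']);
				} elseif(isset($quote[0]['methods'][0]['title']) && isset($quote[0]['methods'][0]['cost'])) {
					$shipping_title = ($free_shipping == true)
						? $quote[0]['methods'][0]['title']
						: $quote[0]['module'].' ('.$quote[0]['methods'][0]['title'].')';
					$_SESSION['shipping'] = array('id' => $posted_shipping, 'title' => $shipping_title, 'cost' => $quote[0]['methods'][0]['cost']);
					redirect(href_link(FILENAME_PAYPAL_CHECKOUT, '', 'SSL'));
				}
			} else {
				unset($_SESSION['shipping']);
			}
		}
	} else {
		$_SESSION['shipping'] = false;
		redirect(href_link(FILENAME_PAYPAL_CHECKOUT, '', 'SSL'));
	}
}
if($kein_versand == 1)
	$_SESSION['shipping'] = false;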

// Collect quotes from all shipping modules, fall back to the cheapest one when
// nothing usable is selected, rebuild the order with the final shipping choice
// and run the payment / order-total modules' pre-confirmation hooks.
$quotes = $shipping_modules->quote();

$needs_default_shipping = !isset($_SESSION['shipping'])
	|| (($_SESSION['shipping'] == false) && (count_shipping_modules() > 1));
if($needs_default_shipping)
	$_SESSION['shipping'] = $shipping_modules->cheapest();
if($kein_versand == 1)
	$_SESSION['shipping'] = false;
$order = new order();

require(DIR_WS_CLASSES.'class.payment.php');
$payment_modules = new payment($_SESSION['payment']);
$payment_modules->update_status();

require(DIR_WS_CLASSES.'class.order_total.php'); // GV Code ICW ADDED FOR CREDIT CLASS SYSTEM
$order_total_modules = new order_total();
$order_total_modules->process();

// GV Code Start
$order_total_modules->collect_posts();
$order_total_modules->pre_confirmation_check();
// GV Code End

if(is_array($payment_modules->modules))
	$payment_modules->pre_confirmation_check();

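$breadcrumb->add(NAVBAR_TITLE_PAYPAL_CHECKOUT, href_link(FILENAME_PAYPAL_CHECKOUT, '', 'SSL'));
require(DIR_WS_INCLUDES.'header.php');
if(SHOW_IP_LOG == 'true') {
	$smarty->assign('IP_LOG', 'true');
	// X-Forwarded-For is a client-supplied header (any proxy or the browser itself
	// can set it) and may contain an arbitrary string, so it is never used as-is:
	// the first entry must parse as an IP address, otherwise REMOTE_ADDR is used.
	// Even a well-formed value is only trustworthy when a known reverse proxy in
	// front of this host is the one setting it.
	$customers_ip = $_SERVER['REMOTE_ADDR'];
	if(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
		$forwarded_chain = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
		$forwarded_client = trim($forwarded_chain[0]);
		if(filter_var($forwarded_client, FILTER_VALIDATE_IP) !== false)
			$customers_ip = $forwarded_client;
	}

	$smarty->assign('CUSTOMERS_IP', $customers_ip);
}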

// Shipping form wrapper plus the formatted shipping and billing addresses.
$shipping_form_open = draw_form('checkout_shipping', href_link(FILENAME_PAYPAL_CHECKOUT, '', 'SSL'))
	.draw_hidden_field('action', 'process');
$smarty->assign('FORM_SHIPPING_ACTION', $shipping_form_open);
$smarty->assign('ADDRESS_SHIPPING_LABEL', address_label($_SESSION['customer_id'], $_SESSION['sendto'], true, ' ', '<br />'));
$smarty->assign('BUTTON_CONTINUE', image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE));
$smarty->assign('FORM_END', '</form>');
$smarty->assign('ADDRESS_PAYMENT_LABEL', address_label($_SESSION['customer_id'], $_SESSION['billto'], true, ' ', '<br />'));
// Address-change links are only offered when the shop allows changing the
// address PayPal supplied.
if(PAYPAL_EXPRESS_ADDRESS_CHANGE == 'true') {
	$shipping_change_link = '<a href="'.href_link(FILENAME_CHECKOUT_SHIPPING_ADDRESS, '', 'SSL').'">'
		.image_button('button_change_address.gif', IMAGE_BUTTON_CHANGE_ADDRESS).'</a>';
	$payment_change_link = '<a href="'.href_link(FILENAME_CHECKOUT_PAYMENT_ADDRESS, '', 'SSL').'">'
		.image_button('button_change_address.gif', IMAGE_BUTTON_CHANGE_ADDRESS).'</a>';
	$smarty->assign('BUTTON_SHIPPING_ADDRESS', $shipping_change_link);
	$smarty->assign('BUTTON_PAYMENT_ADDRESS', $payment_change_link);
}
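// Render the shipping-method block. Two changes against the original: the
// free-shipping icon lookup read $quotes[$i] with a stale or undefined $i (it
// now yields '' instead of a notice — the intended index is unclear, confirm
// against the template), and the duplicated "show_price_tax == 0" test in the
// multi-method branch is collapsed (the second assignment, tax = 0, was the
// effective one).
$module_smarty = new Smarty();
if(count_shipping_modules() > 0) {
	$showtax = $_SESSION['customers_status']['customers_status_show_price_tax'];
	$module_smarty->assign('FREE_SHIPPING', $free_shipping);

	if($free_shipping == true) {
		$module_smarty->assign('FREE_SHIPPING_TITLE', FREE_SHIPPING_TITLE);
		$module_smarty->assign('FREE_SHIPPING_DESCRIPTION', sprintf(FREE_SHIPPING_DESCRIPTION, $price->format(MODULE_SHIPPING_FREEAMOUNT_AMOUNT, true, 0, true)).draw_hidden_field('shipping', 'free_free'));
		// NOTE(review): $i here is whatever an earlier loop left behind, if anything.
		$free_icon = (isset($i) && isset($quotes[$i]['icon'])) ? $quotes[$i]['icon'] : '';
		$module_smarty->assign('FREE_SHIPPING_ICON', $free_icon);
	} else {
		$radio_buttons = 0;
		for($i = 0, $n = sizeof($quotes); $i < $n; $i++) {
			if(isset($quotes[$i]['error']))
				continue;
			for($j = 0, $n2 = sizeof($quotes[$i]['methods']); $j < $n2; $j++) {
				$method_id = $quotes[$i]['id'].'_'.$quotes[$i]['methods'][$j]['id'];
				$quotes[$i]['methods'][$j]['radio_buttons'] = $radio_buttons;
				$checked = (isset($_SESSION['shipping']['id']) && $method_id == $_SESSION['shipping']['id']);
				// A single module with a single method is preselected.
				if($checked || ($n == 1 && $n2 == 1))
					$quotes[$i]['methods'][$j]['checked'] = 1;
				// Customer groups that do not see tax get net prices.
				if($showtax == 0)
					$quotes[$i]['tax'] = 0;
				$method_price = $price->format(add_tax($quotes[$i]['methods'][$j]['cost'], $quotes[$i]['tax']), true, 0, true);
				if(($n > 1) || ($n2 > 1)) {
					$quotes[$i]['methods'][$j]['price'] = $method_price;
					$quotes[$i]['methods'][$j]['radio_field'] = draw_hidden_field('act_shipping', 'true').draw_radio_field('shipping', $method_id, $checked, 'onclick="this.form.submit();"');
				} else {
					$quotes[$i]['methods'][$j]['price'] = $method_price.draw_hidden_field('shipping', $method_id);
				}
				$radio_buttons++;
			}
		}
		$module_smarty->assign('module_content', $quotes);
	}
	$module_smarty->caching = false;
	$shipping_block = $module_smarty->fetch(CURRENT_TEMPLATE.'/module/checkout_shipping_block.html');
}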

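// Payment selection block. The payment_error query parameter names a payment
// module object and was dereferenced as a variable-variable straight from the
// URL; it is now restricted to an identifier and to objects that actually
// implement get_error(). The module's error text is still HTML-escaped.
if($order->info['total'] > 0) {
	if(isset($_GET['payment_error']) && is_string($_GET['payment_error']) && preg_match('/^[A-Za-z0-9_]+$/', $_GET['payment_error'])) {
		$failed_module = $_GET['payment_error'];
		if(isset($$failed_module) && is_object($$failed_module) && method_exists($$failed_module, 'get_error') && ($error = $$failed_module->get_error())) {
			$smarty->assign('error', htmlspecialchars($error['error']));
		}
	}
	$selection = $payment_modules->selection();
	$radio_buttons = 0;
	for($i = 0, $n = sizeof($selection); $i < $n; $i++) {
		$selection[$i]['radio_buttons'] = $radio_buttons;
		// The original compared against an undefined $payment (always null); the
		// radio field below already keys on $_SESSION['payment'], so use that here too.
		$is_current = ($selection[$i]['id'] == $_SESSION['payment']);
		if($is_current || ($n == 1))
			$selection[$i]['checked'] = 1;
		if(sizeof($selection) > 1)
			$selection[$i]['selection'] = draw_radio_field('payment', $selection[$i]['id'], $is_current, 'onclick="this.form.submit();"').draw_hidden_field('act_payment', 'true');
		else
			$selection[$i]['selection'] = draw_hidden_field('payment', $selection[$i]['id']).draw_hidden_field('act_payment', 'true');

		// Modules that reported an error do not consume a radio index.
		if(!isset($selection[$i]['error']))
			$radio_buttons++;
	}
	$module_smarty->assign('module_content', $selection);
} else
	$smarty->assign('GV_COVER', 'true');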

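if(ACTIVATE_GIFT_SYSTEM == 'true')
	$smarty->assign('module_gift', $order_total_modules->credit_selection());

$module_smarty->caching = false;
$payment_block = $module_smarty->fetch(CURRENT_TEMPLATE.'/module/checkout_payment_block.html');

if($message_stack->size('checkout_payment') > 0)
	$smarty->assign('error', $message_stack->output('checkout_payment'));

// Load the selected payment module's language file and its title constant.
// payment_method is derived from the session value that is fed from POST, so
// it is restricted to an identifier before being spliced into an include() path
// ($_SESSION['language'] is assumed to be validated by application_top — confirm).
// The constant name is built from string literals: the original used bare
// MODULE_PAYMENT_ / _TEXT_TITLE, which only worked through the undefined-constant
// fallback to their own names (a fatal error on PHP 8).
$payment_method_name = $order->info['payment_method'];
if($payment_method_name != 'no_payment' && $payment_method_name != '' && preg_match('/^[A-Za-z0-9_]+$/', $payment_method_name)) {
	include(DIR_WS_LANGUAGES.'/'.$_SESSION['language'].'/modules/payment/'.$payment_method_name.'.php');
	$title_constant = 'MODULE_PAYMENT_'.strtoupper($payment_method_name).'_TEXT_TITLE';
	if(defined($title_constant))
		$smarty->assign('PAYMENT_METHOD', constant($title_constant));
}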

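// Append the attribute model suffixes to each product's model for the summary.
// Uses foreach instead of reset()/each(): each() is deprecated since PHP 7.2
// and removed in PHP 8; iteration order and result are unchanged.
$temp_prods = $order->products;
for($i = 0, $n = sizeof($temp_prods); $i < $n; $i++) {
	if(empty($temp_prods[$i]['attributes']))
		continue;
	$attributes_model = '';
	// get_prid() strips the attribute suffix from the cart id; loop-invariant per product.
	$base_product_id = get_prid($temp_prods[$i]['id']);
	foreach($temp_prods[$i]['attributes'] as $value) {
		$attributes_model .= get_attributes_model($base_product_id, $value['value'], $value['option']);
	}
	if($attributes_model)
		$temp_prods[$i]['model'] .= $attributes_model;
}
$smarty->assign('products_data', $temp_prods);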

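if(MODULE_ORDER_TOTAL_INSTALLED)
	$smarty->assign('total_block', $order_total_modules->pp_output());

// NOTE(review): $checkout_payment_modules is never assigned in this file (the
// payment instance created above is $payment_modules), so both blocks guarded
// by it are skipped; whether that is intended for the PayPal flow needs confirming.
$payment_info = array();
if(isset($checkout_payment_modules) && is_array($checkout_payment_modules->modules)) {
	if($confirmation = $checkout_payment_modules->confirmation()) {
		for($i = 0, $n = sizeof($confirmation['fields']); $i < $n; $i++) {
			$payment_info[] = array('TITLE' => $confirmation['fields'][$i]['title'],
									'FIELD' => stripslashes($confirmation['fields'][$i]['field']));
		}
		$smarty->assign('PAYMENT_INFORMATION', $payment_info);
	}
}

// The confirmation form posts to the selected payment module's own action URL
// when it has one (and is not a tmpOrders module), otherwise to checkout_process.
// The module object is resolved through an explicit intermediate variable:
// "$$_SESSION['payment']" is parsed as ${$_SESSION}['payment'] since PHP 7
// (uniform variable syntax) and no longer reaches the module object.
$payment_module_name = $_SESSION['payment'];
$payment_module_object = (is_string($payment_module_name) && isset($$payment_module_name)) ? $$payment_module_name : null;
if(is_object($payment_module_object) && isset($payment_module_object->form_action_url) && !$payment_module_object->tmpOrders)
	$form_action_url = $payment_module_object->form_action_url;
else
	$form_action_url = href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL');

$smarty->assign('CHECKOUT_FORM', draw_form('checkout_confirmation', $form_action_url, 'post'));
$checkout_payment_button = '';
if(isset($checkout_payment_modules) && is_array($checkout_payment_modules->modules))
	$checkout_payment_button .= $checkout_payment_modules->process_button();

$smarty->assign('MODULE_BUTTONS', $checkout_payment_button);
$smarty->assign('CHECKOUT_BUTTON', image_submit('button_confirm_order.gif', IMAGE_BUTTON_CONFIRM_ORDER)."\n");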

// Shipping summary, the order-comment box and the address-confirmation checkbox.
$shipping_method_title = $order->info['shipping_method'];
if($shipping_method_title) {
	$smarty->assign('SHIPPING_METHOD', $shipping_method_title);
	$smarty->assign('SHIPPING_EDIT', href_link(FILENAME_PAYPAL_CHECKOUT_SHIPPING, '', 'SSL'));
}
$comments_field = draw_textarea_field('comments', 'soft', '60', '5', $_SESSION['comments']);
$smarty->assign('COMMENTS', $comments_field.draw_hidden_field('comments_added', 'YES'));
$smarty->assign('ADR_checkbox', '<input type="checkbox" value="address" name="address" />');

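// Terms and conditions (AGB) box. Session ids are cast to int before being
// spliced into the query (as the address queries above already do), $group_check
// starts out empty so a shop without GROUP_CHECK does not read an undefined
// variable, and the iframe src is attribute-escaped (content_file comes from the
// CMS table). NOTE(review): the query selects content_group = REVOCATION_ID
// while the "more info" link below points at group 3 — confirm which group
// actually holds the AGB text.
if(DISPLAY_CONDITIONS_ON_CHECKOUT == 'true') {
	$group_check = '';
	if(GROUP_CHECK == 'true')
		$group_check = "and group_ids LIKE '%c_".(int)$_SESSION['customers_status']['customers_status_id']."_group%'";
	$shop_content_data = $db->db_query("SELECT
											content_title,
											content_heading,
											content_text,
											content_file
										FROM 
											".TABLE_CONTENT_MANAGER."
										WHERE 
											content_group = '".REVOCATION_ID."' ".$group_check."
										AND 
											languages_id = '".(int)$_SESSION['languages_id']."'");

	if($shop_content_data->fields['content_file'] != '') {
		if($shop_content_data->fields['content_file'] == 'janolaw_agb.php') {
			include(DIR_FS_INC.'inc.janolaw.php');
			$conditions = JanolawContent('agb', 'txt');
		} else {
			$content_src = DIR_WS_CATALOG.'media/content/'.$shop_content_data->fields['content_file'];
			$conditions = '<iframe src="'.htmlspecialchars($content_src, ENT_QUOTES).'" width="100%" height="300"></iframe>';
		}
	} else {
		// content_text is CMS-authored HTML and is rendered as such on purpose.
		$conditions = '<div class="div_textarea">'.$shop_content_data->fields['content_text'].'</div>';
	}

	$smarty->assign('AGB', $conditions);
	$smarty->assign('AGB_LINK', $main->getContentLink(3, MORE_INFO));
	// On step2 the customer has already ticked the box once, so keep it ticked.
	$agb_checked = (isset($_GET['step']) && $_GET['step'] == 'step2') ? ' checked=""' : '';
	$smarty->assign('AGB_checkbox', '<input type="checkbox" value="conditions" name="conditions"'.$agb_checked.' />');
}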

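// Right-of-withdrawal (revocation) box, same shape as the conditions box:
// int-cast session ids in the query, $group_check initialised, iframe src
// attribute-escaped. content_file and content_text are CMS-authored.
if(DISPLAY_REVOCATION_ON_CHECKOUT == 'true') {
	$group_check = '';
	if(GROUP_CHECK == 'true')
		$group_check = "AND group_ids LIKE '%c_".(int)$_SESSION['customers_status']['customers_status_id']."_group%'";

	$shop_content_data = $db->db_query("SELECT
											content_title,
											content_heading,
											content_text,
											content_file
										FROM 
											".TABLE_CONTENT_MANAGER."
										WHERE 
											content_group='".REVOCATION_ID."' ".$group_check."
										AND 
											languages_id='".(int)$_SESSION['languages_id']."'");

	if($shop_content_data->fields['content_file'] != '') {
		if($shop_content_data->fields['content_file'] == 'janolaw_agb.php') {
			include(DIR_FS_INC.'inc.janolaw.php');
			$revocation = JanolawContent('agb', 'txt');
		} else {
			$content_src = DIR_WS_CATALOG.'media/content/'.$shop_content_data->fields['content_file'];
			$revocation = '<iframe src="'.htmlspecialchars($content_src, ENT_QUOTES).'" width="100%" height="300"></iframe>';
		}
	} else {
		// content_text is CMS-authored HTML and is rendered as such on purpose.
		$revocation = '<div class="div_textarea">'.$shop_content_data->fields['content_text'].'</div>';
	}

	$smarty->assign('REVOCATION', $revocation);
	$smarty->assign('REVOCATION_TITLE', $shop_content_data->fields['content_heading']);
	$smarty->assign('REVOCATION_LINK', $main->getContentLink(REVOCATION_ID, MORE_INFO));
}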

// Final assembly: render the page module into main_content, then the full layout.
$smarty->assign('language', $_SESSION['language']);
if($kein_versand != 1)
	$smarty->assign('SHIPPING_BLOCK', $shipping_block);
// The confirmation form always carries the PayPal Express payment selection.
$payment_hidden = draw_hidden_field('payment', 'paypalexpress')
	.draw_hidden_field('act_payment', 'true');
$smarty->assign('PAYMENT_HIDDEN', $payment_hidden);
$smarty->caching = false;
$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/checkout_paypal.html');
$smarty->assign('language', $_SESSION['language']);
$smarty->assign('main_content', $main_content);
$smarty->caching = false;
if(!defined('RM'))
	$smarty->loadFilter('output', 'note');
$smarty->loadFilter('output', 'trimwhitespace');
$smarty->display(CURRENT_TEMPLATE.'/index.html');
include('includes/application_bottom.php');